package com.yun.zf.system.security.token;

import com.yun.zf.common.admin.domain.LoginUser;
import lombok.Getter;
import lombok.Setter;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;

import java.util.Collection;

@Getter
@Setter
public class MobileCodeAuthenticationToken extends AbstractAuthenticationToken {
    //自定义属性
    private LoginUser user;
    private String mobile;
    private String code;

    /**
     * 认证时过滤器通过这个方法创建Token，传入前端的参数
     * @param mobile
     * @param code
     */
    public MobileCodeAuthenticationToken(String mobile, String code){
        super(null);
        this.mobile = mobile;
        this.code=code;
        //关键：标记未认证
        super.setAuthenticated(false);
    }

    /**
     * 认证通过后Provider通过这个方法创建Token，传入自定义信息以及授权信息
     * @param authorities
     */
    public MobileCodeAuthenticationToken(LoginUser user, Collection<? extends GrantedAuthority> authorities) {
        super(authorities);
        this.user = user;
        //关键：标记已认证
        super.setAuthenticated(true);
    }

    //父类获取授权信息的两个方法，区别是啥不太清楚，但都可以返回自定义信息
    @Override
    public Object getCredentials() {
        return null;
    }

    @Override
    public Object getPrincipal() {
        return this.user;
    }

}
